Comments on: Secondlife.com hacked – full access to all customer data http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/ Sat, 17 Sep 2011 10:00:04 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Andutzica http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/comment-page-1/#comment-5103 Andutzica Fri, 27 Nov 2009 11:58:03 +0000 http://hackersblog.org/?p=1198#comment-5103 auzi unu baga IDul meu de yahoo in lista ta ca vreau sa te intreb cv.....ID uzumaki.anda@yahoo.com auzi unu baga IDul meu de yahoo in lista ta ca vreau sa te intreb cv…..ID uzumaki.anda@yahoo.com

]]> By: KaBaDaYi http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/comment-page-1/#comment-1152 KaBaDaYi Sat, 21 Feb 2009 09:57:45 +0000 http://hackersblog.org/?p=1198#comment-1152 Lol concat function select * from yoneticiler where (user='' and pass=md5('')) or (user='bG9jYXRpb246aHR0cDov' and 'bG9jYXRpb246aHR0cDov'=concat('bG9jYXRp','b246aHR0cDov')) Lol concat function

select * from yoneticiler where (user=” and pass=md5(”)) or (user=’bG9jYXRpb246aHR0cDov’ and ‘bG9jYXRpb246aHR0cDov’=concat(‘bG9jYXRp’,'b246aHR0cDov’))

]]> By: Shocker http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/comment-page-1/#comment-957 Shocker Thu, 12 Feb 2009 19:35:23 +0000 http://hackersblog.org/?p=1198#comment-957 @Zorba & @gigix: aveti meniul "Categories", use it. @Zorba & @gigix: aveti meniul “Categories”, use it.

]]> By: Second Life is also victim of SQL Injection | N-Stalker Web Security Community http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/comment-page-1/#comment-949 Second Life is also victim of SQL Injection | N-Stalker Web Security Community Thu, 12 Feb 2009 14:56:59 +0000 http://hackersblog.org/?p=1198#comment-949 [...] to Hacker’s Blog, the famous virtual world “Second Life” was susceptible to a SQL injection [...] [...] to Hacker’s Blog, the famous virtual world “Second Life” was susceptible to a SQL injection [...]

]]> By: Abu Bakr http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/comment-page-1/#comment-876 Abu Bakr Wed, 11 Feb 2009 17:34:44 +0000 http://hackersblog.org/?p=1198#comment-876 haha lol great !! haha lol great !!

]]> By: Viana http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/comment-page-1/#comment-796 Viana Tue, 10 Feb 2009 19:43:21 +0000 http://hackersblog.org/?p=1198#comment-796 second life fail =/ second life fail =/

]]> By: gigix http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/comment-page-1/#comment-791 gigix Tue, 10 Feb 2009 19:28:05 +0000 http://hackersblog.org/?p=1198#comment-791 exista vreo vulnerabilitate prezenta aici care sa fie pe altceva decat lipsa fortarii unui parametru in integer? exista vreo vulnerabilitate prezenta aici care sa fie pe altceva decat lipsa fortarii unui parametru in integer?

]]> By: Zorba http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/comment-page-1/#comment-785 Zorba Tue, 10 Feb 2009 19:04:37 +0000 http://hackersblog.org/?p=1198#comment-785 sa = sau sa = sau

]]> By: Zorba http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/comment-page-1/#comment-784 Zorba Tue, 10 Feb 2009 19:03:13 +0000 http://hackersblog.org/?p=1198#comment-784 Ha ha, daca te bazezi pe responsabilitatea programatorului, atunci 99% sa mai mult din site-uri sunt vulnerabile. Dar as vrea sa vad si alte hack-uri, nu doar sql injection in site-uri php pe pagina de search sa alte pagini care listeaza date pe baza unui parametru in query string. Ha ha, daca te bazezi pe responsabilitatea programatorului, atunci 99% sa mai mult din site-uri sunt vulnerabile. Dar as vrea sa vad si alte hack-uri, nu doar sql injection in site-uri php pe pagina de search sa alte pagini care listeaza date pe baza unui parametru in query string.

]]> By: Adrian http://blog.rstcenter.com/2009/02/10/secondlifecom-hacked-full-access-to-all-customer-data/comment-page-1/#comment-778 Adrian Tue, 10 Feb 2009 17:35:16 +0000 http://hackersblog.org/?p=1198#comment-778 @Zorba Sunt si situri scrise in ASP .Net vulnerabile la SQL Injection. Daca scrii ceva de genu string query = "select * from users where login = " + login atunci inviti oamenii la SQL injection. E vorba de responsabilitatea programatorului, nu conteaza tehnologia care o folosesti. @Zorba

Sunt si situri scrise in ASP .Net vulnerabile la SQL Injection.
Daca scrii ceva de genu
string query = “select * from users where login = ” + login
atunci inviti oamenii la SQL injection.

E vorba de responsabilitatea programatorului, nu conteaza tehnologia care o folosesti.

]]>